by aiscott 5127 days ago
Flame is not remotely in the same category as Stuxnet.

The news agencies are confusing capability with complexity. Stuxnet was very targeted with insider information on esoteric industrial systems. It was designed to fly under the radar and cause damage to physical systems in such a way that it would appear to be from "wear and tear."

As I recall, Stuxnet used some compiler shenanigans to obfuscate stack frames and make it difficult to decompile (after having first decrypted the executable code).

Flame is written in Lua! A scripting language! So to say that somehow Flame is going to be hard to analyze is absurd.

It's a 20MB package of the Lua VM, the scripts, and modules like sqlite. It's about as vanilla of an application as you can get!

They claim this 20MB package size is going to make it super duper hard to analyze, and yet they have the source code to look at, and while it's a decent size at 3k lines, it's SOURCE CODE. Not obfuscated machine language.

The coverage on this is just stupid.

Some good information on Flame is at http://www.securelist.com/en/blog/208193522/The_Flame_Questi... . It still has the absurd commentary, but at least it gives details on what is actually there.

1 comments

Thanks for the Securelist link. It's indeed a better source for some technical details, also from a Kaspersky expert... But in the RT interview, Kaspersky's chief malware expert says things that concur with what you share: "There is no reliable relation between Stuxnet and Flame as we call it…they are completely different. Because Stuxnet was a small application developed for a particular target with the specific objective to interact with industrial control systems and break them down. And Flame is a universal attacking tool kit used mostly for cyber espionage."